Abstract

Buffer overflow has been one of the most prominent attacks of the last ten years. This kind of vulnerability can compromise system security in various ways. Existing solutions to this problem have focused on the execution environment of the malicious program rather than on the underlying nature of buffer overflow, and most of them try to detect buffer overflows dynamically. This paper presents an effort to apply a static analysis approach, named Proof-Carrying Code (PCC), against programs that exploit buffer overflow. The paper shows that: (1) it is possible to defend against most buffer overflow vulnerabilities with proper use of PCC; and (2) the method is well prepared to handle emerging variants of the buffer overflow problem.
